Re: PGP signature problems with firmware ISO images

To: Holger Levsen <holger@layer-acht.org>
Cc: debian-boot@lists.debian.org, Cyril Brulebois <kibi@debian.org>
Subject: Re: PGP signature problems with firmware ISO images
From: Steve McIntyre <steve@einval.com>
Date: Fri, 12 Apr 2013 14:56:28 +0100
Message-id: <20130412135628.GC28423@einval.com>
In-reply-to: <201304121548.25204.holger@layer-acht.org>
References: <20130320164216.69ed7a70@spongebob.dsg.to> <E1UINAk-0002jp-Aw@mail.einval.com> <20130406212548.GE13935@mraw.org> <201304121548.25204.holger@layer-acht.org>

On Fri, Apr 12, 2013 at 03:48:14PM +0200, Holger Levsen wrote:
>Hi Steve,
>
>On Samstag, 6. April 2013, Cyril Brulebois wrote:
>> would it make sense to put up a jenkins job which would make sure
>> signatures are available for images on cdimage, and that those
>> signatures are OK?
>> 
>> We would then get a warning for images which need a (pending)
>> signature during the “prepare a release” phase, but also notice when a
>> signature goes away, due to some sync/mv issues (I think it happened a
>> few times for the d-i wheezy alpha/betas/rc releases, even if I don't
>> have any numbers at hand).
>
>I'd be happy to set up such tests, though instead of downloading the images 
>and checking the signatures I think it would be better to run these tests on 
>pettersson.d.o and then analyse them with jenkins - to avoid daily downsloads 
>of hundreds of gigabytes..
>
>Steve, are you ok with me setting up such (cron)jobs on petterson? From a 
>quick look it seems, /srv/cdbuilder.debian.org/jenkins-logs/ could be a 
>suitable place to publish them, so some jenkins jobs running on 
>jenkins.debian.net can wget these results, which in the cases of signature-
>failures can result in notifications to #debian-boot as well as via email.
>
>And, which images to test for signatures? find /dsa/cdimage -name "*iso"
>finds to many ;)
>
>Before running any code on petterson I will put it into git for review 
>first...

Ummm...

I don't understand the suggestion of Jenkins here at all - it sounds
like major overkill to me. Don't get me wrong, I'm happy that other
people are interested in helping here. But I think we're getting
over-complicated for the sake of checking that checksums files have
been signed...?

-- 
Steve McIntyre, Cambridge, UK.                                steve@einval.com
  Getting a SCSI chain working is perfectly simple if you remember that there
  must be exactly three terminations: one on one end of the cable, one on the
  far end, and the goat, terminated over the SCSI chain with a silver-handled
  knife whilst burning *black* candles. --- Anthony DeBoer

Reply to:

Follow-Ups:
- Re: PGP signature problems with firmware ISO images
  - From: Holger Levsen <holger@layer-acht.org>

References:
- Re: PGP signature problems with firmware ISO images
  - From: Cyril Brulebois <kibi@debian.org>
- Re: PGP signature problems with firmware ISO images
  - From: Holger Levsen <holger@layer-acht.org>

Prev by Date: Re: Problems and questions with preseeding
Next by Date: Re: Re: Problems and questions with preseeding
Previous by thread: Re: PGP signature problems with firmware ISO images
Next by thread: Re: PGP signature problems with firmware ISO images
Index(es):
- Date
- Thread